apiVersion: storage.k8s.io/v1beta1
kind: CSIDriver
metadata:
  name: diskplugin.csi.alibabacloud.com
spec:
  attachRequired: false
---
kind: DaemonSet
apiVersion: apps/v1
metadata:
  name: csi-diskplugin
  namespace: kube-system
spec:
  selector:
    matchLabels:
      app: csi-diskplugin
  template:
    metadata:
      labels:
        app: csi-diskplugin
    spec:
      tolerations:
      - operator: "Exists"
      priorityClassName: system-node-critical
      serviceAccount: alicloud-csi-plugin
      hostNetwork: true
      hostPID: true
      containers:
        - name: driver-registrar
          image: {{ alicloud_csi_driver_registrar_repo }}:{{ alicloud_csi_driver_registrar_tag }}
          imagePullPolicy: IfNotPresent
          lifecycle:
            preStop:
              exec:
                command: ["/bin/sh", "-c", "rm -rf /registration/diskplugin.csi.alibabacloud.com /registration/diskplugin.csi.alibabacloud.com-reg.sock"]
          args:
            - "--v=5"
            - "--csi-address=/var/lib/kubelet/plugins/diskplugin.csi.alibabacloud.com/csi.sock"
            - "--kubelet-registration-path=/var/lib/kubelet/plugins/diskplugin.csi.alibabacloud.com/csi.sock"
          env:
            - name: KUBE_NODE_NAME
              valueFrom:
                fieldRef:
                  apiVersion: v1
                  fieldPath: spec.nodeName
          volumeMounts:
            - name: pods-mount-dir
              mountPath: /var/lib/kubelet/
            - name: registration-dir
              mountPath: /registration
        - name: csi-diskplugin
          securityContext:
            privileged: true
            capabilities:
              add: ["SYS_ADMIN"]
            allowPrivilegeEscalation: true
          image: {{ alicloud_csi_diskplugin_repo }}:{{ alicloud_csi_diskplugin_tag }}
          imagePullPolicy: "IfNotPresent"
          args:
            - "--endpoint=$(CSI_ENDPOINT)"
            - "--v=5"
            - "--driver=diskplugin.csi.alibabacloud.com"
          env:
            - name: CSI_ENDPOINT
              value: unix://var/lib/kubelet/plugins/diskplugin.csi.alibabacloud.com/csi.sock
            - name: ACCESS_KEY_ID
              value: "{{ ali_access_key_id }}"
            - name: ACCESS_KEY_SECRET
              value: "{{ ali_access_key_secret }}"
            - name: MAX_VOLUMES_PERNODE
              value: "15"
            - name: DISK_TAGED_BY_PLUGIN
              value: "true"
          volumeMounts:
            - name: pods-mount-dir
              mountPath: /var/lib/kubelet
              mountPropagation: "Bidirectional"
            - mountPath: /dev
              mountPropagation: "HostToContainer"
              name: host-dev
            - mountPath: /var/log/
              name: host-log
            - name: etc
              mountPath: /host/etc
      volumes:
        - name: registration-dir
          hostPath:
            path: /var/lib/kubelet/plugins_registry
            type: DirectoryOrCreate
        - name: pods-mount-dir
          hostPath:
            path: /var/lib/kubelet
            type: Directory
        - name: host-dev
          hostPath:
            path: /dev
        - name: host-log
          hostPath:
            path: /var/log/
        - name: etc
          hostPath:
            path: /etc
  updateStrategy:
    type: RollingUpdate